server {
    listen 80;
    server_name *.${DOMAIN};
    server_tokens off;

    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }

    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 443 ssl;
    server_name backend.${DOMAIN};
    server_tokens off;

    ssl_certificate /etc/letsencrypt/live/backend.${DOMAIN}/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/backend.${DOMAIN}/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    location / {
        set $backend http://backend:8000;
        resolver 127.0.0.11;
        proxy_pass  $backend;
        proxy_set_header    Host                $http_host;
        proxy_set_header    X-Real-IP           $remote_addr;
        proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
    }
}

server {
    listen 443 ssl;
    server_name rabbit.${DOMAIN};
    server_tokens off;

    ssl_certificate /etc/letsencrypt/live/backend.${DOMAIN}/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/backend.${DOMAIN}/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    location / {
        set $rabbitmq http://rabbitmq:15672;
        resolver 127.0.0.11;
        proxy_pass  $rabbitmq;
        proxy_set_header    Host                $http_host;
        proxy_set_header    X-Real-IP           $remote_addr;
        proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
    }
}

server {
    listen 443 ssl;
    server_name pgadmin.${DOMAIN};
    server_tokens off;

    ssl_certificate /etc/letsencrypt/live/backend.${DOMAIN}/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/backend.${DOMAIN}/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    location / {
        set $pgadmin http://pgadmin:5050;
        resolver 127.0.0.11;
        proxy_pass  $pgadmin;
        proxy_set_header    Host                $http_host;
        proxy_set_header    X-Real-IP           $remote_addr;
        proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
    }
}

server {
    listen 443 ssl;
    server_name flower.${DOMAIN};
    server_tokens off;

    ssl_certificate /etc/letsencrypt/live/backend.${DOMAIN}/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/backend.${DOMAIN}/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    location / {
        set $pgadmin http://flower:8888;
        resolver 127.0.0.11;
        proxy_pass  $flower;
        proxy_set_header    Host                $http_host;
        proxy_set_header    X-Real-IP           $remote_addr;
        proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
    }
}
